author | David Benjamin <davidben@google.com> | 2017-09-07 18:39:40 -0400 |
---|---|---|
committer | Benjamin Kaduk <kaduk@mit.edu> | 2017-09-08 13:58:59 -0500 |
commit | a9c0d8beeae98355a2ef6ae1f0a9ba624be8bd54 (patch) | |
tree | b5b288d32bfa9463542350a0bfc7d20c394b0e08 /ssl | |
parent | 4e049e2c3658ee2bc6e63e696a3779d2f9eed377 (diff) | |
Rename SSL_CTX_set_early_cb to SSL_CTX_set_client_hello_cb.
"Early callback" is a little ambiguous now that early data exists.
Perhaps "ClientHello callback"?
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4349)
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/ssl_lib.c | 27 | ||||
-rw-r--r-- | ssl/ssl_locl.h | 11 | ||||
-rw-r--r-- | ssl/statem/statem_srvr.c | 10 |
3 files changed, 26 insertions, 22 deletions
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 70f4acf027..a909a57eb8 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -3301,8 +3301,8 @@ int SSL_get_error(const SSL *s, int i) return SSL_ERROR_WANT_ASYNC; if (SSL_want_async_job(s)) return SSL_ERROR_WANT_ASYNC_JOB; - if (SSL_want_early(s)) - return SSL_ERROR_WANT_EARLY; + if (SSL_want_client_hello_cb(s)) + return SSL_ERROR_WANT_CLIENT_HELLO_CB; if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) && (s->s3->warn_alert == SSL_AD_CLOSE_NOTIFY)) @@ -4700,27 +4700,28 @@ const CTLOG_STORE *SSL_CTX_get0_ctlog_store(const SSL_CTX *ctx) #endif /* OPENSSL_NO_CT */ -void SSL_CTX_set_early_cb(SSL_CTX *c, SSL_early_cb_fn cb, void *arg) +void SSL_CTX_set_client_hello_cb(SSL_CTX *c, SSL_client_hello_cb_fn cb, + void *arg) { - c->early_cb = cb; - c->early_cb_arg = arg; + c->client_hello_cb = cb; + c->client_hello_cb_arg = arg; } -int SSL_early_isv2(SSL *s) +int SSL_client_hello_isv2(SSL *s) { if (s->clienthello == NULL) return 0; return s->clienthello->isv2; } -unsigned int SSL_early_get0_legacy_version(SSL *s) +unsigned int SSL_client_hello_get0_legacy_version(SSL *s) { if (s->clienthello == NULL) return 0; return s->clienthello->legacy_version; } -size_t SSL_early_get0_random(SSL *s, const unsigned char **out) +size_t SSL_client_hello_get0_random(SSL *s, const unsigned char **out) { if (s->clienthello == NULL) return 0; @@ -4729,7 +4730,7 @@ size_t SSL_early_get0_random(SSL *s, const unsigned char **out) return SSL3_RANDOM_SIZE; } -size_t SSL_early_get0_session_id(SSL *s, const unsigned char **out) +size_t SSL_client_hello_get0_session_id(SSL *s, const unsigned char **out) { if (s->clienthello == NULL) return 0; @@ -4738,7 +4739,7 @@ size_t SSL_early_get0_session_id(SSL *s, const unsigned char **out) return s->clienthello->session_id_len; } -size_t SSL_early_get0_ciphers(SSL *s, const unsigned char **out) +size_t SSL_client_hello_get0_ciphers(SSL *s, const unsigned char **out) { if (s->clienthello == NULL) return 0; 
@@ -4747,7 +4748,7 @@ size_t SSL_early_get0_ciphers(SSL *s, const unsigned char **out) return PACKET_remaining(&s->clienthello->ciphersuites); } -size_t SSL_early_get0_compression_methods(SSL *s, const unsigned char **out) +size_t SSL_client_hello_get0_compression_methods(SSL *s, const unsigned char **out) { if (s->clienthello == NULL) return 0; @@ -4756,7 +4757,7 @@ size_t SSL_early_get0_compression_methods(SSL *s, const unsigned char **out) return s->clienthello->compressions_len; } -int SSL_early_get1_extensions_present(SSL *s, int **out, size_t *outlen) +int SSL_client_hello_get1_extensions_present(SSL *s, int **out, size_t *outlen) { RAW_EXTENSION *ext; int *present; @@ -4788,7 +4789,7 @@ int SSL_early_get1_extensions_present(SSL *s, int **out, size_t *outlen) return 0; } -int SSL_early_get0_ext(SSL *s, unsigned int type, const unsigned char **out, +int SSL_client_hello_get0_ext(SSL *s, unsigned int type, const unsigned char **out, size_t *outlen) { size_t i; diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index 59fba61a99..64d5e720e1 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -877,9 +877,9 @@ struct ssl_ctx_st { ENGINE *client_cert_engine; # endif - /* Early callback. Mostly for extensions, but not entirely. */ - SSL_early_cb_fn early_cb; - void *early_cb_arg; + /* ClientHello callback. Mostly for extensions, but not entirely. */ + SSL_client_hello_cb_fn client_hello_cb; + void *client_hello_cb_arg; /* TLS extensions. */ struct { @@ -1252,7 +1252,10 @@ struct ssl_st { size_t tls13_cookie_len; } ext; - /* Parsed form of the ClientHello, kept around across early_cb calls. */ + /* + * Parsed form of the ClientHello, kept around across client_hello_cb + * calls. + */ CLIENTHELLO_MSG *clienthello; /*- diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index d2f8f90109..360cd1c20b 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c 
@@ -1430,15 +1430,15 @@ static int tls_early_post_process_client_hello(SSL *s, int *pal) DOWNGRADE dgrd = DOWNGRADE_NONE; /* Finished parsing the ClientHello, now we can start processing it */ - /* Give the early callback a crack at things */ - if (s->ctx->early_cb != NULL) { + /* Give the ClientHello callback a crack at things */ + if (s->ctx->client_hello_cb != NULL) { int code; - /* A failure in the early callback terminates the connection. */ - code = s->ctx->early_cb(s, &al, s->ctx->early_cb_arg); + /* A failure in the ClientHello callback terminates the connection. */ + code = s->ctx->client_hello_cb(s, &al, s->ctx->client_hello_cb_arg); if (code == 0) goto err; if (code < 0) { - s->rwstate = SSL_EARLY_WORK; + s->rwstate = SSL_CLIENT_HELLO_CB; return code; } } |